3rd party AV with Sandboxie, or not?

I understand that Sandboxie has not updated their templates since they were bought by Invincea, and that there is a potential for Sandboxie to interfere with the functioning of the AV, due to Sandboxie's agressive hooks into the Windows kernel, and other reasons. They recommend to use the native Windows Defender, which doesn't conflict.

What do you Sandboxie users run on your PCs? WD, or third-party AV? Or you aren't so concerned about AV, since you are sandboxed anyway?

I was using Webroot SA, but I saw that SBIE doesn't even have a template for it at all, and furthermore, webroot has its own sandbox feature, and that made me concerned about hidden conflicts.

Developer

Correction. A/V conflicts with Sandboxie. Please get that straight. And we list the conflicts. We don't hide that.

The aggressive hooks are needed, but unless you're a Dev supporting a program that has to work with Windows XP -Win 10 while working with a multitude of browsers, programs, security, tokens, etc.etc.etc.etc.etc. it's hard to grasp.

There are 6 million A/V vendors it seems like. It's not our job to work with EVERY ONE of them. As we have our own proven, industry leading function to do...sandboxing-isolation- A container. Sorry we didn't dedicate resources to one particular A/V vendor. Your priorities are wrong it appears. Do you want to rely on A/V? Or proven containment????

The templates open up holes in the sandbox and/or allow the A/V to work by ignoring the SB container. There are many other A/V software we've tested that works with SBIE. That's updated in our forum regularly and other long term, seasoned SBIE users have agreed Defender is all you need if your are curious what MAY be in the sandbox.

Again, if SBIE is your primary protection, then the "extra" layer is just that...a feel good layer to see what is in the Sandbox.

As for templates, That's not only an invincea issue. The original creator of SBIE wasn't a fan of templates either. Why should we waste resources on making A/V work with us when it's not needed overall & usually directly interferes with our product? We do that as a courtesy.

As for other "Sandboxing" programs, well.... All I can say, there is only one Sandboxie. Proven. For over a decade. With 4+ million users.

There are 6 million A/V vendors it seems like. It's not our job to work with EVERY ONE of them. As we have our own proven, industry leading function to do...sandboxing-isolation- A container. Sorry we didn't dedicate resources to one particular A/V vendor. Your priorities are wrong it appears. Do you want to rely on A/V? Or proven containment????

Click to expand...

Hey, I use Sandboxie too, my intent was not to criticize. You're doing a great job over there. I am just asking the community for input and advice, since I'm not a dev or a tester, and an ordinary user like me will let files out of the sandbox sooner or later, so it's good to have an effective AV as well. After all, some malware hides itself in a virtualized environment, so you can never be sure.
The goal is multi-layered protection, in my opinion.

Correction. A/V conflicts with Sandboxie. Please get that straight. And we list the conflicts. We don't hide that.

The aggressive hooks are needed, but unless you're a Dev supporting a program that has to work with Windows XP -Win 10 while working with a multitude of browsers, programs, security, tokens, etc.etc.etc.etc.etc. it's hard to grasp.

There are 6 million A/V vendors it seems like. It's not our job to work with EVERY ONE of them. As we have our own proven, industry leading function to do...sandboxing-isolation- A container. Sorry we didn't dedicate resources to one particular A/V vendor. Your priorities are wrong it appears. Do you want to rely on A/V? Or proven containment????

The templates open up holes in the sandbox and/or allow the A/V to work by ignoring the SB container. There are many other A/V software we've tested that works with SBIE. That's updated in our forum regularly and other long term, seasoned SBIE users have agreed Defender is all you need if your are curious what MAY be in the sandbox.

Again, if SBIE is your primary protection, then the "extra" layer is just that...a feel good layer to see what is in the Sandbox.

As for templates, That's not only an invincea issue. The original creator of SBIE wasn't a fan of templates either. Why should we waste resources on making A/V work with us when it's not needed overall & usually directly interferes with our product? We do that as a courtesy.

As for other "Sandboxing" programs, well.... All I can say, there is only one Sandboxie. Proven. For over a decade. With 4+ million users.

But you have Webroot....

Click to expand...

I can think on many ways to say that without being so agressive.

Regarding to your question @shmu26, i've only used Sandboxie back on Windows 7 or virtual machines. On this Windows version, Sandboxie seemed to work well with my antivirus software, which name i can't remember right now. On virtual machines, i only tested Sandboxie on its own. Here on Windows 10 i've had way too many problems to install it and make it work, and very little time to ask for assistance on the forums, so i just rely on my main AV and tiny weightless complements to maximize security. Now about compatibility, Sandboxie Help Account has just said everything that could be said.

Trusted

I am of sorry if this sounds condescending, but in my opinion this so called "multi-layered protection" approach is a fallacy advertised by security forums and producers of companion products. The foundation of falling for this fallacy is the lacking of understanding how 1. Windows works, 2. malware works, 3. how malware prevention products work.

Content Creator

I am of sorry if this sounds condescending, but in my opinion this so called "multi-layered protection" approach is a fallacy advertised by security forums and producers of companion products. The foundation of falling for this fallacy is the lacking of understanding how 1. Windows works, 2. malware works, 3. how malware prevention products work.

Click to expand...

i disagree, an OS should be protected from all attack vectors , if a single product does it , good, if not you need to fill the holes; in that case you need other softs , this is called the "multi-layer".

you have a firewall = layer
you have a AV = layer
you have an anti-exploit = layer

What do you Sandboxie users run on your PCs? WD, or third-party AV? Or you aren't so concerned about AV, since you are sandboxed anyway?

Click to expand...

i'm using WD because i use Win10 ; i don't like Real-time AV.

I was using Webroot SA, but I saw that SBIE doesn't even have a template for it at all, and furthermore, webroot has its own sandbox feature, and that made me concerned about hidden conflicts.

Click to expand...

sandboxie is a full virtualization mechanism while the one in WSA is policy-one. nothing to conflict. at one time time i used both together but never used WSA sandbox; Sandboxie was safer and more convenient.

I am of sorry if this sounds condescending, but in my opinion this so called "multi-layered protection" approach is a fallacy advertised by security forums and producers of companion products. The foundation of falling for this fallacy is the lacking of understanding how 1. Windows works, 2. malware works, 3. how malware prevention products work.

I am of sorry if this sounds condescending, but in my opinion this so called "multi-layered protection" approach is a fallacy advertised by security forums and producers of companion products. The foundation of falling for this fallacy is the lacking of understanding how 1. Windows works, 2. malware works, 3. how malware prevention products work.

Click to expand...

could you please elaborate a little bit?
I assume your approach is to use a single security product to its max?

Regarding to your question @shmu26, i've only used Sandboxie back on Windows 7 or virtual machines. On this Windows version, Sandboxie seemed to work well with my antivirus software, which name i can't remember right now. On virtual machines, i only tested Sandboxie on its own. Here on Windows 10 i've had way too many problems to install it and make it work, and very little time to ask for assistance on the forums, so i just rely on my main AV and tiny weightless complements to maximize security. Now about compatibility, Sandboxie Help Account has just said everything that could be said.

Click to expand...

I saw from your security configuration that you use kaspersky. That's probably why you had grief from SBIE on windows 10.
The only way I could get chrome to start up sandboxed with your configuration was by temporarily exiting kaspersky.

About Us

Our community has been around since 2010, and we pride ourselves on offering unbiased, critical discussion among people of all different backgrounds about security and technology . We are working every day to make sure our community is one of the best.

Helpful Links

Need Malware Removal Help?

If you're being redirected from a site you’re trying to visit, seeing constant pop-up ads, unwanted toolbars or strange search results, your computer may be infected with malware.
We offer free malware removal assistance to our members in the Malware Removal Assistance forum.

Quick Tip

Without meaning to, you may click a link that installs malware on your computer. To keep your computer safe, only click links and downloads from sites that you trust. Don’t open any unknown file types, or download programs from pop-ups that appear in your browser.